Part of alignment includes developing organizational touchpoints for Data Governance work. The CDO Organizational Touch Points figure illustrates examples of touch points that support alignment and cohesiveness of an enterprise data governance and data management approach in areas outside the direct authority of the Chief Data Officer.

• Procurements and Contracts: The CDO works with a Vendor/Partner Management or Procurement to develop and enforce standard contract language vis-a-vis data management contracts. These could include Data-as-a-Service (DaaS) and cloud-related procurements, other outsourcing arrangements, third-party development efforts, or content acquisition / licensing deals, and possibly data-centric IT tools acquisitions and upgrades.
• Budget and Funding: If the CDO is not directly in control of all data acquisition-related budgets, then the office can be a focal point for preventing duplicate efforts and ensuring optimizations of acquired data assets.
• Regulatory Compliance: The CDO understands and works within required local, national, and international regulatory environments, and how these impact the organization and their data management activities. Ongoing monitoring is performed to identify and track new and potential impacts and requirements.

• SDLC / development framework: The data governance program identifies control points where enterprise policies, processes, and standards can be developed in the system or application development lifecycles.

The touch points that the CDO influences support the organization's cohesiveness in managing its data, therefore, increasing its nimbleness to use its data. In essence, this is a vision of how DG will be perceived by the organization.

September 2023 Newsletter.pdf

In a centralized model, one Data Governance organization oversees all activities in all subject areas. In a replicated model, the same DG operating model and standards are adopted by each business unit. In a federated model, one Data Governance organization coordinates with multiple Business Units to maintain consistent definitions and standards.

The most formal and mature data management operating model is a centralized one. Here everything is owned by the Data Management Organization. Those involved in governing and managing data report directly to a data management leader who is responsible for Governance, Stewardship, Metadata Management, Data Quality Management, Master and Reference Data Management, Data Architecture, Business Analysis, etc.

The core word in governance is govern. Data governance can be understood in terms of political governance. It includes legislative-like functions (defining policies, standards and the Enterprise Data Architecture), judicial-like functions (issue management and escalation), and executive functions (protecting and serving, administrative responsibilities). To better manage risk, most organizations adopt a representative form of data governance, so that all stakeholders can be heard.

Each organization should adopt a governance model that supports its business strategy and it likely to succeed within its own cultural context. Organizations should also be prepared to evolve that model to meet new challenges. Models differ with respect to their organizational structure, level of formality, and approach to decision-making. Some models are centrally organized, while others are distributed.

Data governance organizations may also have multiple layers to address concerns at different levels within an enterprise - local, divisional, and enterprise-wide. The work of governance is often divided among multiple committees, each with a purpose and level of oversight different from others.

This Figure represents a generic data governance model, with activities at different levels within the organization (vertical axis), as well as separation of governance responsibilities within organizational functions and between technical (IT) and business areas.

Just as an auditor controls financial processes but does not actually executive financial management, data governance ensures data is properly managed without directly executing data management. Data governance represents an inherent separation of duty between oversight and execution.

A data-centric organization values data as an asset and manages data through all phases of its lifecycle, including project development and ongoing operations. To become data-centric, and organization must change the way it translates strategy into action. Data is no longer treated as a by-product of process and applications. Ensuring data is of high quality is a goal of business processes. As organizations strive to make decisions based on insights gained from analytics, effective data management becomes a very high priority.

People tend to conflate data and information technology. To become data-centric, organizations need to think differently and recognize that managing data is different from managing IT. This shift is not easy. Existing culture, with its internal politics, ambiguity about ownership, budgetary competition, and legacy systems, can be a huge obstacle to establishing an enterprise vision of data governance and data management.

While each organization needs to evolve its own principles, those that seek to get more value from their data are likely to share the following:

• Data should be managed as a corporate asset

• Data management best practices should be incented across the organization

• Enterprise data strategy must be directly aligned with overall business strategy

• Data management processes should be continuously improved

Data Governance (DG) is defined as the exercise of authority and control (planning, monitoring, and enforcement) over the management of data assets. All organizations make decisions about data, regardless of whether they have a formal Data Governance function. Those that establish a formal Data Governance program exercise authority and control with greater intentionality (Seiner, 2014). Such organizations are better able to increase the value they get from their data assets.

The Data Governance function guides all other data management functions. The purpose of Data Governance is to ensure that data is managed properly, according to policies and best practices (Ladley, 2012). While the driver of data management overall is to ensure an organization gets value out of its data, Data Governance focuses on how decisions are made about data and how people and processes are expected to behave in relation to data. The scope and focus of a particular data governance program will depend upon organizational needs, but most programs include:

• Strategy: Defining, communicating, and driving execution of Data Strategy and Data Governance Strategy

• Policy: Setting and enforcing policies related to data and Metadata management, access, usage, security, and quality

• Standards and quality: Setting and enforcing Data Quality and Data Architecture standards

• Oversight: Providing hands-on observation, audit, and correction in key areas of quality, policy and data management (often referred to as stewardship)

• Compliance: Ensuring the organization can meet data-related regulatory compliance requirements

• Issue management: Identifying, defining, escalating, and resolving issues related to data security, data access, data quality, regulatory compliance, data ownership, policy, standards, terminology, or data governance procedures

• Data management projects: Sponsoring efforts to improve data management practices

• Data asset valuation: Setting standards and processes to consistently define the business value of data assets

To accomplish these goals, a Data Governance program will develop policies and procedures, cultivate data stewardship practices at multiple levels within the organization, and engage in organizational change management efforts that actively communicate to the organization the benefits of improved data governance and the behaviors necessary to successfully manage data as an asset.

For most organizations, adopting formal Data Governance requires the support of organizational change management, as well as sponsorship from a C-Level executive, such as Chief Risk Officer, Chief Financial Officer, or Chief Data Officer.

Are you ready to take your career to the next level? We're thrilled to announce the launch of our 12-week virtual Certified Data Management Professional (CDMP) Study Group, designed to help you succeed in the world of data management. Learn more about the CDMP Exam HERE.

Start Date: Week of September 4th
Meeting Time: Thursday evenings from 6:00 PM to 7:00 PM
Location: Virtual (Online Platform)

What you can expect:
• Engaging weekly study sessions to cover CDMP exam topics.
• Interactive discussions and Q&A sessions to enhance your understanding.
• A 1/2 day virtual exam prep deep dive the last week in November.
• "Pay if you Pass" (PIYP) virtual exam event on November 2nd.

Informational Sessions:
Dates: August (24th and 28th)
Where: Online (Email for meeting registration info)
Purpose: Learn about the study group and CDMP exam, get your questions answered.

How to Get Involved:

To learn more, register, or secure your spot for this enriching opportunity, simply send an email to: ProfessionalDevelopmentVP@damarmc.org. Hurry, spaces are limited!

Don't miss out on this chance to boost your career prospects and become a certified data management professional. We look forward to embarking on this exciting journey with you!

Don't forget to order your essential study resource, the #DMBOK (Data Management Body of Knowledge), to ensure you're fully prepared to excel in both your studies and the CDMP exam. Order through DAMA-RMC at a discounted rate HERE. 

And remember you must be a DAMA-RMC professional member to take advantage of this amazing opportunity. Don’t delay, join today HERE.

Stay tuned for more updates and detailed schedules.

Projects that use personal data should have a disciplined approach to the use of that data. They should account for:

• How they select their population for study (arrow 1)

• How data will be captured (arrow 2)

• What activities analytics will focus on (arrow 3)

• How the results will be made accessible (arrow 4)

Within each area of consideration, they should address potential ethical risks, with a particular focus on possible negative effects on customers or citizens.

A risk model can be used to determine whether to execute the project. It will also influence how to execute the project. For example, the data will be made anonymous, the private information removed from the file, the security on the files tightened or confirmed, and a review of the local and other applicable privacy law reviewed with legal. Dropping customers may not be permitted under law if the organization is a monopoly in a jurisdiction, and citizens have no other provider options such as energy or water.

Because data analytics projects are complex, people may not see the ethical challenges. Organizations need to actively identify potential risks. They also need to protect whistleblowers who do see risks and raise concerns. Automated monitoring is not sufficient protection from unethical activities. People - the analysts themselves - need to reflect on possible bias. Cultural norms and ethics in the workplace influence corporate behavior - learn and use the ethical risk model. DAMA International encourages data professionals to take a professional stand, and present the risk situation to business leaders who may not have recognized the implications of particular uses of data and these implications in their work.

August 2023 Newsletter.pdf

Defined simply, ethics are principles of behavior based on ideas of right and wrong. Ethical principles often focus on ideas such as fairness, respect, responsibility, integrity, quality, reliability, transparency, and trust. Data handling ethics are concerned with how to procure, store, manage, use, and dispose of data in ways that are aligned with ethical principles. Handling data in an ethical manner is necessary to the long-term success of any organization that wants to get value from its data. Unethical #datahandling can result in the loss of reputation and customers, because it puts at risk people whose data is exposed. In some cases, unethical practices are also illegal. Ultimately, for #datamanagement professionals and the organizations for which they work, data ethics are a matter of social responsibility.

The ethics of data handling are complex, but they center on several core concepts:

• Impact on people: Because data represents characteristics of individuals and is used to make decisions that affect people's lives, there is an imperative to manage its quality and reliability.

• Potential for misuse: Misusing data can negatively affect people and organizations, so there is an ethical imperative to prevent the misuse of data.

• Economic value of data: Data has economic value. Ethics of #dataownership should determine how that value can be accessed and by whom.

Organizations protect data based largely on lows and regulatory requirements. Nevertheless, because data represents people (customers, employees, patients, vendors, etc.), data management professionals should recognize that there are ethical (as well as legal) reasons to protect data and ensure it is not misused. Even data that does not directly represent individuals can still be used to make decisions that affect people's lives.

There is an ethical imperative not only to protect data, but also manage its quality. People making decisions, as well as those impacted by decisions, expect data to be complete and accurate. From both a business and a technical perspective, data management professionals have an ethical responsibility to manage data in a way that reduces risk that it may misrepresent, be misused, or be misunderstood. This responsibility extends across the data lifecycle, from creation to destruction of data.

Unfortunately, many organizations fail to recognize and respond to the ethical obligations inherent in data management. They may adopt a traditional technical perspective and profess not to understand the data; or they assume that if they follow the letter of the law, they have no risk related to data handling. This is a dangerous assumption.

The data environment is evolving rapidly. Organizations are using data in ways they would not have imagined even a few years ago. While laws codify some ethical principles, legislation cannot keep up with the risks associated with evolution of the data environment. Organizations must recognize and respond to their ethical obligation to protect data entrusted to them by fostering and sustaining a culture that values the ethical handling of information.